package com.fengye.security.security.auth.ldap;

import com.fasterxml.jackson.annotation.JsonIgnore;
import lombok.*;
import org.springframework.ldap.odm.annotations.Attribute;
import org.springframework.ldap.odm.annotations.Entry;
import org.springframework.ldap.odm.annotations.Id;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.util.CollectionUtils;

import javax.naming.Name;
import java.io.Serializable;
import java.util.Collection;
import java.util.Collections;

/**
 * @author fengyexjtu@126.com
 * @date 2022年05月24日 8:04 PM
 */

@Data
@AllArgsConstructor
@NoArgsConstructor
@Builder
@With
// 只有包含这四个属性才会被认为是 ldap 的用户
@Entry(objectClasses = {"top", "person", "organizationalPerson", "inetOrgPerson"})
public class LdapUser implements UserDetails{

    @Id
    @JsonIgnore
    private Name id;

    @Attribute(name = "uid")
    private String username;

    @Attribute(name = "userPassword")
    private String password;
    @Override
    public Collection<? extends GrantedAuthority> getAuthorities() {
        return Collections.singleton(new SimpleGrantedAuthority("ROLE_USER"));
    }

    @Override
    public boolean isAccountNonExpired() {
        return true;
    }

    @Override
    public boolean isAccountNonLocked() {
        return true;
    }

    @Override
    public boolean isCredentialsNonExpired() {
        return true;
    }

    @Override
    public boolean isEnabled() {
        return true;
    }
}
